package com.jmu.posms.shiro;

import com.jmu.posms.dto.PermissionDto;
import com.jmu.posms.pojo.Permission;
import com.jmu.posms.pojo.Role;
import com.jmu.posms.pojo.User;
import com.jmu.posms.service.PermissionService;
import com.jmu.posms.service.UserService;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;

import javax.annotation.Resource;
import java.util.List;

@Slf4j
public class MyRealm extends AuthorizingRealm {
    @Resource
    UserService userService;

    @Resource
    PermissionService permissionService;
    /**
     * 授权
     * @param arg0
     * @return
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection arg0) {
        log.info("授予权限、角色");
        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();

        //获取当前登录用户的信息
        Subject subject = SecurityUtils.getSubject();
        User user = (User) subject.getPrincipal();

        //获取权限集合信息
        PermissionDto allPermissions = permissionService.findAllPermissions(user.getId(),1);

        if(allPermissions.getRoles()!=null){
            //赋予角色
            List<Role> roles = allPermissions.getRoles();
            for (Role role : roles) {
                authorizationInfo.addRole(role.getRoleName());
            }
        }


        if(allPermissions.getPermissions()!=null){
            //赋予权限
            for (Permission perm : allPermissions.getPermissions()) {
                authorizationInfo.addStringPermission(perm.getPermissionName());
            }
        }


        log.info(allPermissions.toString());
        if(authorizationInfo.getRoles()!=null&&authorizationInfo.getStringPermissions()!=null){
            log.info("当前用户角色有：---"+authorizationInfo.getRoles().toString());
            log.info("当前用户权限有：---"+authorizationInfo.getStringPermissions().toString());
        }
        return authorizationInfo;
    }


    /**
     * 认证
     * @param authenticationToken
     * @return
     * @throws AuthenticationException
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        //UsernamePasswordToken用于存放提交的登录信息
        UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
        log.info("认证："+((UsernamePasswordToken) authenticationToken).getUsername());

        String username = token.getUsername();
        token.getPassword();

        // 调用数据层，获取用户信息
        User user = userService.findByUserName(username);


        if (user == null) {
            // 用户不存在
            return null;
        }
        /*
            返回密码 , 密码为密文形式 如果要校验则要与和前端传入的密码进行对比
            第一个为user对象，第二个为明文密码，第三个为作为加密的盐值  第四个当前类的名称
         */
        return new SimpleAuthenticationInfo(user,
                user.getPassword(),
                ByteSource.Util.bytes(user.getModifyDate()),
                getName());
//        return new SimpleAuthenticationInfo();
    }

}
